ZoneAlarm blocks internet access following Microsoft's DNS patch

Print this page! Send a friend Digg It! Add to Del.icio.us
Data: 15-07-2008 [dd-mm-yyyy]
Autore Alfredo Panzera, Opencosmo Security

Users of the ZoneAlarm personal firewall report that they can no longer access the internet after installing the current Microsoft patches. Complaints are piling up in a ZoneAlarm forum on the topic of access problems.

What apparently triggered the problem was the DNS patch, which ensures that Windows DNS queries are no longer sent from a constant UDP port selected from within a small range. Instead, after the Microsoft patch is applied, a random source port is selected for each query. ZoneAlarm's rules do not recognise these DNS queries and ZoneAlarm therefore blocks them.

Checkpoint, the vendor of ZoneAlarm, is apparently already aware of these problems and currently advises users to uninstall the Microsoft patch until a solution can be found. The switch to randomly selected source ports was necessary because security experts had shown that otherwise faked DNS responses could manipulate name resolution.

[Update] ZoneAlarm release a update.

From: http://www.heise-online.co.uk/security/ZoneAlarm-blocks-internet-access-[...]pdate--/news/111076
Print this page! Send a friend Digg It! Add to Del.icio.us



All news:
48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 7 6 5 4 3 2

Your Ad Here


In memory of Rgod

In memory of Rgod. Great Italian hacker, programmer and artist.

Infocus

An Introduction to the NSA's Security-Enhanced Linux: SELinux
Susan Rajnic, SANS Institute

Gentoo Security Handbook
Kim Nielsen

Buffer Overflow Complete
Rob Klein Gunnewiek

Opencosmo Poll

Partecipereste volentieri ai corsi gratuiti online di Opencosmo?

1=Si
2=Forse
3=No

Voti: 13
Media: 0.2

Advertise